[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] interactive shell session (/usr/sbin/jk_lsh)

From: Olivier Sessink
Subject: Re: [Jailkit-users] interactive shell session (/usr/sbin/jk_lsh)
Date: Thu, 27 Mar 2008 22:15:44 +0100
User-agent: Thunderbird (X11/20080227)

Snowman wrote:
> hi,
> i just want to ask what am i doing wrong :
> host su[17324]: Successful su for jailer by root
> host game su[17324]: + pts/1 root:jailer
> host su[17324]: (pam_unix) session opened for user jailer by (uid=0)
> host jk_chrootsh[17325]: now entering jail /home/jail for user jailer
> (1002)
> host jk_lsh[17325]: jk_lsh version 2.5, started
> host jk_lsh[17325]: WARNING: user jailer (1002) tried to get an
> interactive shell session (/usr/sbin/jk_lsh), which is never allowed by
> jk_lsh
> this is from /var/log/auth.log
> My problem is that i cant login user jailer to jail when the
> /home/jail/etc/passwd contain shell /usr/sbin/jk_lsh,
> when i change it to /bin/bash its no problem.

you are very right ;-)

jk_lsh blocks normal logins. Don't use it if you want a normal login.
jk_lsh can be used if you want to block normal logins, but you want to
allow for example rsync, cvs, scp or sftp.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]